It's not a problem, it's a feature. We backported a CVE to secure Libvirt and enable SSH auth between compute nodes, for live migration.
If the ssh options don't work for you, you can override them with SshServerOptions parameter.

Example: https://github.com/openstack/tripleo-heat-templates/blob/107b610923ba5d39f90c3a6a63bf2d3642e1b35d/puppet/services/sshd.yaml#L41-L61

Please re-open the bug if needed.

I don't think it has to do with the version of openssh. The issue is that:

- before you managed the sshd_config yourself for your own needs
- now, the file is managed by Puppet, but there is an interface that you can use to configure your own needs.

So please, tell us what parameters you need and we'll help you to feed a value to this parameter:
https://github.com/openstack/tripleo-heat-templates/blob/107b610923ba5d39f90c3a6a63bf2d3642e1b35d/puppet/services/sshd.yaml#L41-L61

Please see my comment #3

Like I said, the ssh_config can be overridden via SshServerOptions. Please tell us what you can't do with SshServerOptions otherwise I'll close the bug.

Closing this out as it is currently configurable using the hieradata_overrides file to specify tripleo::profile::base::sshd::options using the structure mentioned like in https://github.com/openstack/tripleo-heat-templates/blob/107b610923ba5d39f90c3a6a63bf2d3642e1b35d/puppet/services/sshd.yaml#L41-L61